Primary Rate Interface

January 16, 2013, 4:43 am

≫ Next: PRINT PDF SINGLE PAGE INTO 2 PAGES

$

0

0

The Primary Rate Interface (PRI) is a standardized telecommunications service level within the Integrated Services Digital Network (ISDN) specification for carrying multiple DS0 voice and data transmissions between a network and a user.
 
PRI is the standard for providing telecommunication services to offices. It is based on the T-carrier (T1) line in the US and Canada, and the E-carrier (E1) line in Europe. The T1 line consists of 24 channels, while an E1 has 32.

---

PRINT PDF SINGLE PAGE INTO 2 PAGES

January 16, 2013, 8:47 pm

≫ Next: PHOTOCOPIER ERROR (E04-01)

≪ Previous: Primary Rate Interface

$

0

0

PRINT PDF SINGLE PAGE INTO 2 PAGES

I PRINTED IT WITH PANASONIC DP-3520 PRINTER.. GO TO FILE --> PRINT --> PROPERTIES.

 THEN AT BOTTOM GOTO POSTER LAYOUT.

THEN IN STYLE SELECT 1x2 (FIRST OPTION). THEN PRESS OK.

FINALLY PRINT IT.....!

PHOTOCOPIER ERROR (E04-01)

January 24, 2013, 2:17 am

≫ Next: UBUNTU-BIND9-CACHING-NAME-SERVER

≪ Previous: PRINT PDF SINGLE PAGE INTO 2 PAGES

$

0

0

PHOTOCOPIER ERROR (E04-01)
Press below keys together
Function --> Original size --> 3
Then
Press 9
Then
Press start
Then
ram initialize
Then
lbpfuser reset -->> yes
Switch Off the machine and thenswitch it on

UBUNTU-BIND9-CACHING-NAME-SERVER

January 28, 2013, 3:24 am

≫ Next: UFW - UBUNTU FIREWALL

≪ Previous: PHOTOCOPIER ERROR (E04-01)

$

0

0

Caching Nameserver

The default configuration is setup to act as a caching server. All that is required is simply adding the IP Addresses of your ISP's DNS servers. Simply uncomment and edit the following in /etc/bind/named.conf.options:

forwarders {
                1.2.3.4;
                5.6.7.8;

 };

Listen-on { 127.0.0.1; 192.168.1.x; };

Replace 1.2.3.4 and 5.6.7.8 with the IP Adresses of actual nameservers. Also add "Listen-on line to limit the dns to specific interface.   

Now restart the DNS server, to enable the new configuration. From a terminal prompt:

sudo service bind9 restart

use dig tool to check

UFW - UBUNTU FIREWALL

February 11, 2013, 6:14 pm

≫ Next: UBUNTU QUOTA CONFIGURATION

≪ Previous: UBUNTU-BIND9-CACHING-NAME-SERVER

$

0

0

## UFW configuration files
/etc/ufw/

## Install if not installed
apt-get update
apt-get install ufw

## firewall enable or disable
ufw enable | disable

## firewall logging on or off
ufw logging on|off

## check firewall status
ufw status

## allow ssh service from everywhere
ufw allow 22                   

## Allow ssh from 172.168.1.100
ufw allow from 172.168.1.100 to any port 22   


## Allow all traffic from local network to an interface
ufw allow from 192.168.1.0/24 to 192.168.1.11
 
## allow ssh from ip and to server
ufw allow from 192.168.79.129 to 192.168.79.128 port 22      

## deny ssh
ufw deny 22

## firewall delete allow rule for port 80 tcp
ufw delete allow 80/tcp

## firewall delete  allow rule for port 53
ufw delete allow 53

## When all required services allowed then let’s shut everything else down
ufw default allow|deny

UBUNTU QUOTA CONFIGURATION

February 12, 2013, 10:40 pm

≫ Next: UBUNTU WIFI CONFIGURATION

≪ Previous: UFW - UBUNTU FIREWALL

$

0

0

## Ubutnu Quota configuration
sudo apt-get install quota quotatool

nano /etc/fstab
/dev/sda1     /               ext4    errors=remount-ro,usrquota,grpquota 0       1

root@ubuntu:/# mount -o remount /
root@ubuntu:/# quotacheck -avugm

root@ubuntu:/# quotaon -avug
/dev/disk/by-uuid/62905db6-a34e-42d0-a9da-feb18d548046 [/]: group quotas turned on
/dev/disk/by-uuid/62905db6-a34e-42d0-a9da-feb18d548046 [/]: user quotas turned on

quotatool -u asad -bq 5000Mb -l "6000 Mb" / -v

quotatool -u noreen -bq 5000Mb -l "6000 Mb" / -v

quotatool -u adnan -bq 5000Mb -l "6000 Mb" / -v

quotatool -u ibtisam -bq 5000Mb -l "6000 Mb" / -v

quotatool -u adil -bq 5000Mb -l "6000 Mb" / -v

quotatool -u zahoor -bq 5000Mb -l "6000 Mb" / -v

quotatool -u shahab -bq 5000Mb -l "6000 Mb" / -v

quotatool -u ibrar -bq 5000Mb -l "6000 Mb" / -v

UBUNTU WIFI CONFIGURATION

February 15, 2013, 3:24 am

≫ Next: SQUID TRANSPARENT PROXY ON UBUNTU

≪ Previous: UBUNTU QUOTA CONFIGURATION

$

0

0

## To add wifi network
apt-get install wpasupplicant wireless-tools

nano /etc/network/interfaces
auto wlan0
iface wlan0 inet dhcp
wpa-ssid  mywif
wpa-psk  password

SQUID TRANSPARENT PROXY ON UBUNTU

February 16, 2013, 10:09 am

≫ Next: IPTABLES TO BLOCK TORRENT

≪ Previous: UBUNTU WIFI CONFIGURATION

$

0

0

SQUID TRANSPARENT PROXY 3.1.19 ON UBUNTU 12 STEP BY STEP

sudo su

apt-get install squid

#Key File Locations
## Squid configuration file
/etc/squid/squid.conf

## Squid access log file

/var/log/squid/access.log

cp /etc/squid3/squid.conf  /etc/squid3/squid.conf.orig

## To remove blank and commented lines 

cd /etc/squid3/ 

sed '/^$/d' squid.conf > squid.conf.ed && sed '/^\#/d' squid.conf.ed > squid.conf.edi && echo $?

mv squid.conf.edi squid.conf 

nano /etc/squid3/squid.conf 

## WELCOME TO SQUID 3.1.19
## -----------------------
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt 

acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

## Insert your own rules here
acl bldownload url_regex -i "/etc/squid3/download.acl"
acl download method GET
acl officehours time MTWHF 9:00-13:00
acl officehours time MTWHF 14:00-17:00
acl blsites url_regex -i "/etc/squid3/officetime.acl"

http_access deny bldownload
http_access deny download
http_access deny blsites officehours

acl fblock dstdomain .facebook.com
http_reply_access deny  fblock officehours
http_access deny CONNECT fblock officehours

http_access allow localnet
http_access deny all

http_port 192.168.0.10:3128 intercept

## Cache Settings
cache_mem 51200 MB
memory_replacement_policy lru
cache_replacement_policy lru
cache_dir ufs /cache/squid3 51200 16 256

#cache_mem and cache_dir 51200 must be same otherwise it will be a warning to initialize cache

## Access and Cache logs
access_log /var/log/squid3/access.log squid
cache_log /var/log/squid3/cache.log

coredump_dir /proxycache/squid3

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .               0       20%     4320

visible_hostname raabtaproxy

mkdir /cache&& mkdir /cache/squid3 && chown proxy:proxy /cache/squid3 && chmod 777 /cache/squid3 && echo $?

touch /etc/squid3/download.acl && touch /etc/squid3/officetime.acl && echo $?

## To start restart or stop the squid
/etc/init.d/squid3 start|restart|stop  

## To reconfigure policies 

squid3 -k reconfigure 

## to initialize cache

squid3 -z

## To make transparent proxy

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 3128
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERAD

## To save iptables 

iptables-save > iptables-tproxy

## To restore iptables

iptables-restore < iptables-tproxy

---

IPTABLES TO BLOCK TORRENT

February 16, 2013, 11:16 am

≫ Next: CRON JOB IN LINUX

≪ Previous: SQUID TRANSPARENT PROXY ON UBUNTU

$

0

0

## IPTABLES TO BLOCK TORRENT (working correctly)
iptables -A INPUT -m string --string "BitTorrent" --algo bm --to 65535 -j DROP

iptables -A INPUT -m string --string "BitTorrent protocol" --algo bm --to 65535 -j DROP 

iptables -A INPUT -m string --string "peer_id=" --algo bm --to 65535 -j DROP 

iptables -A INPUT -m string --string ".torrent" --algo bm --to 65535 -j DROP

iptables -A INPUT -m string --string "announce.php?passkey=" --algo bm --to 65535 -j DROP

iptables -A INPUT -m string --string "torrent" --algo bm --to 65535 -j DROP

iptables -A INPUT -m string --string "announce" --algo bm --to 65535 -j DROP 

iptables -A INPUT -m string --string "info_hash" --algo bm --to 65535 -j DROP

iptables -A INPUT -m string --string "peer_id" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "BitTorrent" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "BitTorrent protocol" --algo kmp --to 65535 -j DROP

iptables -A INPUT -m string --string "bittorrent-announce" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "announce.php?passkey=" --algo kmp --to 65535 -j DROP

iptables -A INPUT -m string --string "find_node" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "info_hash" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "get_peers" --algo kmp --to 65535 -j DROP

iptables -A INPUT -m string --string "announce" --algo kmp --to 65535 -j DROP 

iptables -A INPUT -m string --string "announce_peers" --algo kmp --to 65535 -j DROP

CRON JOB IN LINUX

February 21, 2013, 8:29 pm

≫ Next: PANASONIC DP-3520 SCANNER CONFIGURATION

≪ Previous: IPTABLES TO BLOCK TORRENT

$

0

0

CRON JOB IN LINUX

The following line specifies that the Apache error log is to be cleared at one minute past midnight (00:01) of every day of the month, of every day of the week, assuming that the default shell for the cron user is Bourne Shell.
compliant:

10***printf>/var/log/apache/error_log

The following line causes the user program test.pl– ostensibly a Perl script – to be run every two hours, namely at midnight, 2am, 4am, 6am, 8am, and so on:

0*/2***/home/username/test.pl

Predefined scheduling definitions

There are several special predefined values which can be used to substitute the CRON expression.

Entry	Description	Equivalent To
@yearly (or @annually)	Run once a year at midnight in the morning of January 1	0 0 1 1 *
@monthly	Run once a month at midnight in the morning of the first of the month	0 0 1 * *
@weekly	Run once a week at midnight in the morning of Sunday	0 0 * * 0
@daily	Run once a day at midnight	0 0 * * *
@hourly	Run once an hour at the beginning of the hour	0 * * * *
@reboot	Run at startup	@reboot

*    *    *    *    *  command to be executed
┬    ┬    ┬    ┬    ┬
│    │    │    │    │
│    │    │    │    │
│    │    │    │    └───── day of week (0 - 7) (0 or 7 are Sunday, or use names)
│    │    │    └────────── month (1 - 12)
│    │    └─────────────── day of month (1 - 31)
│    └──────────────────── hour (0 - 23)
└───────────────────────── min (0 - 59)

@reboot configures a job to run once when the daemon is started. Since cron is typically never restarted, this typically corresponds to the machine being booted. This behavior is enforced in some variations of cron, such as that 

provided in Debian so that simply restarting the daemon does not re-run @reboot jobs.
@reboot can be useful if there is a need to start up a server or daemon under a particular user, and the user does not have access to configure init to start the program.
There are sites where the cron expressions are described as containing also seconds setting.

cron permissions

The following two files play an important role:

• /etc/cron.allow - If this file exists, then you must be listed therein (your username must be listed) in order to be allowed to use cron jobs.
• /etc/cron.deny - If the cron.allow file does not exist but the /etc/cron.deny file does exist, then you must not be listed in the /etc/cron.deny file in order to use cron jobs.

Please note that if neither of these files exists, then depending on site-dependent configuration parameters, only the super user will be allowed to use cron jobs, or all users will be able to use cron jobs.

CRON expression

A CRON expression is a string comprising 5 or 6 fields separated by white space that represents a set of times, normally as a schedule to execute some routine.

Format

Field name	Mandatory?	Allowed values	Allowed special characters
Minutes	Yes	0-59	* / , -
Hours	Yes	0-23	* / , -
Day of month	Yes	1-31	* / , - ? L W
Month	Yes	1-12 or JAN-DEC	* / , -
Day of week	Yes	0-6 or SUN-SAT	* / , - ? L #
Year	No	1970–2099	* / , -

In some uses of the CRON format there is also a seconds field at the beginning of the pattern

Special characters

Support for each special character depends on specific distributions and versions of cron

Asterisk ( * )

The asterisk indicates that the cron expression will match for all values of the field; e.g., using an asterisk in the 4th field (month) would indicate every month.

Slash ( / )

Slashes are used to describe increments of ranges. For example 3-59/15 in the 1st field (minutes) would indicate the 3rd minute of the hour and every 15 minutes thereafter. The form "*/..." is equivalent to the form "first-last/...", that is, an increment over the largest possible range of the field.

Percent ( % )

Percent-signs (%) in the command, unless escaped with backslash (\), will be changed into newline characters, and all data after the first % will be sent to the command as standard input.

Comma ( , )

Commas are used to separate items of a list. For example, using "MON,WED,FRI" in the 5th field (day of week) would mean Mondays, Wednesdays and Fridays.

Hyphen ( - )

Hyphens are used to define ranges. For example, 2000-2010 would indicate every year between 2000 and 2010 CE inclusive.

L

'L' stands for "last". When used in the day-of-week field, it allows you to specify constructs such as "the last Friday" ("5L") of a given month. In the day-of-month field, it specifies the last day of the month.

W

The 'W' character is allowed for the day-of-month field. This character is used to specify the weekday (Monday-Friday) nearest the given day. As an example, if you were to specify "15W" as the value for the day-of-month field, the meaning is: "the nearest weekday to the 15th of the month". So if the 15th is a Saturday, the trigger will fire on Friday the 14th. If the 15th is a Sunday, the trigger will fire on Monday the 16th. If the 15th is a Tuesday, then it will fire on Tuesday the 15th. However if you specify "1W" as the value for day-of-month, and the 1st is a Saturday, the trigger will fire on Monday the 3rd, as it will not 'jump' over the boundary of a month's days. The 'W' character can be specified only when the day-of-month is a single day, not a range or list of days.

Hash ( # )

'#' is allowed for the day-of-week field, and must be followed by a number between one and five. It allows you to specify constructs such as "the second Friday" of a given month.

Question mark ( ? )

Note: Question mark is a non-standard character and exists only in some cron implementations. It is used instead of '*' for leaving either day-of-month or day-of-week blank.

PANASONIC DP-3520 SCANNER CONFIGURATION

February 28, 2013, 11:59 pm

≫ Next: UBUNTU TECH TIPS

≪ Previous: CRON JOB IN LINUX

$

0

0

USE PHOTOCOPIER AS A SCANNER

Function --> Scanner Settings --> Add address 192.168.1.100 --> OK

1. Add static ip in your laptop and install Panasonic Communication Utility.

2. Panasonic Communication Utility also have a windows firewall setting tool. Run this tool and allow Panasonic communication utility through firewall.

UBUNTU TECH TIPS

March 5, 2013, 3:36 am

≫ Next: PANASONIC PHOTOCOPIER IP CHANGE

≪ Previous: PANASONIC DP-3520 SCANNER CONFIGURATION

$

0

0

To enable root user in UBUNTU
# sudo passwd

Sudo will prompt you for your password, and then ask you to supply a new password for root as shown below:
sudo password for username: user password
enter new UNIX password: password for root
retype new UNIX password: password for root

To disable root user
# sudo passwd -l root

To add or delete users
# adduser username
# deluser username

To add or delete group
# addgroup groupname
# delgroup groupname

To view directory space usage in human readable format
# du -sh /directory

To add or remove network interfaces
# vi /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 110.xxx.xx.xx
netmask 255.255.255.xxx
gateway 110.xxx.xx.xx

auto eth1
iface eth1 inet static
address 192.168.1.x
netmask 255.255.255.0
network 192.168.1.0

auto eth2
iface eth2 inet dhcp

## GUI PACKAGE MANAGEMENT TOOL
$ synaptic &

## TO REMOVE PACKAGES USING TERMINAL

For example remove package called mplayer, enter:
$ sudo apt-get remove mplayer



##To list all installed package
dpkg --list
dpkg --list | less
dpkg --list | grep -i 'squid3'


Remove package called squid3 along with all configuration files, enter:
$ sudo apt-get --purge remove squid3

PANASONIC PHOTOCOPIER IP CHANGE

March 7, 2013, 4:22 am

≫ Next: UBUNTU BONDING (teaming) NETWORK INTERFACES

≪ Previous: UBUNTU TECH TIPS

$

0

0

GOTO 
1. Function
2. General Settings
3. Key operator mode
4. Put 4 digit code (default is 0000)
5. TCP/IP Address (scroll down menu)

UBUNTU BONDING (teaming) NETWORK INTERFACES

March 8, 2013, 8:59 pm

≫ Next: LINUX/UNIX TIMESTAMP CONVERTER

≪ Previous: PANASONIC PHOTOCOPIER IP CHANGE

$

0

0

## Install ifenslave
sudo apt-get install ifenslave-2.6

## add bonding module

sudo vi /etc/modules

kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.

loop
lp
rtc
bonding

## Stop network to load bonding module
/etc/init.d/networking stop

## Load bonding module
sudo modprobe bonding

## Edit interfaces file and add as you required
vi /etc/network/interfaces
auto eth1
iface eth1 inet manual
bond-master bond0

auto eth2
iface eth2 inet manual
bond-master bond0

auto bond0
iface bond0 inet static
address 192.168.1.2
netmask 255.255.255.0
network 192.168.1.0
bond-mode balance-rr
bond-miimon 100
bond-downdelay 200
bond-updelay 200
bond-slaves eth1 eth2

## Create bonding.conf file and add two lines below
vi /etc/modprobe.d/bonding.conf
alias bond0 bonding
options bonding mode=0 downdelay=200 updelay=200

## Start network
/etc/init.d/networking start

## To verify bond working 
cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 200
Down Delay (ms): 200

Slave Interface: eth2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: e0:69:95:ab:2c:54
Slave queue ID: 0

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 90:f6:52:03:49:7e
Slave queue ID: 0

## Descriptions of bonding modes

Mode 0

balance-rr

Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.

Mode 1

active-backup

Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

Mode 2

balance-xor

XOR policy: Transmit based on [(source MAC address XOR'd with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.

Mode 3

broadcast

Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

Mode 4

802.3ad

IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.

• Prerequisites:
  1. Ethtool support in the base drivers for retrieving the speed and duplex of each slave.
  2. A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require some type of configuration to enable 802.3ad mode.
Mode 5
balance-tlb

Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.

• Prerequisites:
  • Ethtool support in the base drivers for retrieving the speed of each slave.
Mode 6
balance-alb

Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.

LINUX/UNIX TIMESTAMP CONVERTER

March 10, 2013, 11:33 pm

≫ Next: SQUID DELAY POOLS

≪ Previous: UBUNTU BONDING (teaming) NETWORK INTERFACES

$

0

0

Open Terminal and run below command
## put time stamp after @

date -d @1362982446

Mon Mar 11 11:14:06 PKT 2013
 

---

SQUID DELAY POOLS

March 14, 2013, 4:29 am

≫ Next: UBUNTU apt-get update and upgrade

≪ Previous: LINUX/UNIX TIMESTAMP CONVERTER

$

0

0

This defines the parameters for a delay pool.  Each delay pool has
 a number of "buckets" associated with it, as explained in the
 description of delay_class.

 For a class 1 delay pool, the syntax is:
  delay_pools pool 1
  delay_parameters pool aggregate

 For a class 2 delay pool:
  delay_pools pool 2
  delay_parameters pool aggregate individual

 For a class 3 delay pool:
  delay_pools pool 3
  delay_parameters pool aggregate network individual

 For a class 4 delay pool:
  delay_pools pool 4
  delay_parameters pool aggregate network individual user

 For a class 5 delay pool:
  delay_pools pool 5
  delay_parameters pool tagrate

 The option variables are:

  pool  a pool number - ie, a number between 1 and the
    number specified in delay_pools as used in
    delay_class lines.

  aggregate the speed limit parameters for the aggregate bucket
    (class 1, 2, 3).

  individual the speed limit parameters for the individual
    buckets (class 2, 3).

  network  the speed limit parameters for the network buckets
    (class 3).

  user  the speed limit parameters for the user buckets
    (class 4).

  tagrate  the speed limit parameters for the tag buckets
    (class 5).

 A pair of delay parameters is written restore/maximum, where restore is
 the number of bytes (not bits - modem and network speeds are usually
 quoted in bits) per second placed into the bucket, and maximum is the
 maximum number of bytes which can be in the bucket at any time.

 There must be one delay_parameters line for each delay pool.

 For example, if delay pool number 1 is a class 2 delay pool as in the
 above example, and is being used to strictly limit each host to 64Kbit/sec
 (plus overheads), with no overall limit, the line is:

  delay_parameters 1 -1/-1 8000/8000

 Note that 8 x 8000 KByte/sec -> 64Kbit/sec.

 Note that the figure -1 is used to represent "unlimited".

 And, if delay pool number 2 is a class 3 delay pool as in the above
 example, and you want to limit it to a total of 256Kbit/sec (strict limit)
 with each 8-bit network permitted 64Kbit/sec (strict limit) and each
 individual host permitted 4800bit/sec with a bucket maximum size of 64Kbits
 to permit a decent web page to be downloaded at a decent speed
 (if the network is not being limited due to overuse) but slow down
 large downloads more significantly:

  delay_parameters 2 32000/32000 8000/8000 600/8000

 Note that 8 x 32000 KByte/sec -> 256Kbit/sec.
    8 x  8000 KByte/sec ->  64Kbit/sec.
    8 x   600 Byte/sec  -> 4800bit/sec.

 Finally, for a class 4 delay pool as in the example - each user will
 be limited to 128Kbits/sec no matter how many workstations they are logged into.:

  delay_parameters 4 32000/32000 8000/8000 600/64000 16000/16000

## Dealy Pool 1 complete configuration 

delay_pools 1
delay_class 1 1
delay_parameters 1 384000/384000  #3MB link aggregate
delay_access 1 allow localnet
delay_access 1 deny all 

UBUNTU apt-get update and upgrade

March 19, 2013, 11:18 pm

≫ Next: UBUNTU IPTABLES LOAD AUTO AT START

≪ Previous: SQUID DELAY POOLS

$

0

0

First run update, then upgrade. Neither of them automatically runs the other.

• apt-get update updates the list of available packages and their versions, but it does not install or upgrade any packages.
  
  
• apt-get upgrade actually installs newer versions of the packages you have. After updating the lists, the package manager knows about available updates for the software you have installed. This is why you first want to update.

UBUNTU IPTABLES LOAD AUTO AT START

March 20, 2013, 2:02 am

≫ Next: AUDITD CONFIGURATION TO MONITOR ADDITION AND DELETION IN /VAR/WWW

≪ Previous: UBUNTU apt-get update and upgrade

$

0

0

Auto Saving IP Tables and Auto Loading in UBUNTU

Although the IP tables are effective, they will automatically be deleted if the server reboots. To make sure that they remain in effect, we can use a package called IP-Tables persistent.

We can install it using apt-get:

sudo apt-get install iptables-persistent

During the installation, you will be asked if you want to save the iptable rules to both the IPv4 rules and the IPv6 rules. Say yes to both.

Your rules will then be saved in /etc/iptables/rules.v4 and /etc/iptables/rules.v6.

Once the installation is complete, start iptables-persistent running:

sudo service iptables-persistent start

After any server reboot, you will see that the rules remain in place. 

/etc/init.d/iptables-persistent {start|restart|reload|force-reload|save|flush}

AUDITD CONFIGURATION TO MONITOR ADDITION AND DELETION IN /VAR/WWW

March 22, 2013, 5:47 am

≫ Next: MYSQL PROCESSESS LISTING AND KILL

≪ Previous: UBUNTU IPTABLES LOAD AUTO AT START

$

0

0

Install auditd to monitor addition and deletion in /var/www
#To install auditd in ubuntu
apt-get install auditd

nano /etc/audit/audit.rules

# This file contains the auditctl rules that are loaded
# whenever the audit daemon is started via the initscripts.
# The rules are simply the parameters that would be passed
# to auditctl.

# First rule - delete all
-D

# Increase the buffers to survive stress events.
# Make this bigger for busy systems
-b 1024

-a exit,always -S unlink -S rmdir
-a exit,always -S stime.*
-a exit,always -S setrlimit.*
-w /var/www -p wa
-w /etc/group -p wa
-w /etc/passwd -p wa
-w /etc/shadow -p wa
-w /etc/sudoers -p wa

# Disable adding any additional rules - note that adding *new* rules will require a reboot
-e 2

Reboot the System and it will be working fine

To search addition or deletion activity on /var/www
ausearch -f /var/www

MYSQL PROCESSESS LISTING AND KILL

March 26, 2013, 2:51 am

≫ Next: SARG INSTALLATION ON UBUNTU 12

≪ Previous: AUDITD CONFIGURATION TO MONITOR ADDITION AND DELETION IN /VAR/WWW

$

0

0

MYSQL PROCESSES LISTING AND KILL

# mysql -uroot -p

mysql> show processlist\G
     Id: 1359
   User: root
   Host: localhost
     db: contentanalysis
Command: Query
   Time: 346
  State: Copying to tmp table
   Info: SELECT  SQL_CALC_FOUND_ROWS id, filepath FROM content WHERE filepath IN (  SELECT filepath
FROM cont

mysql> kill 1359;

mysql> show processlist;